Transfer Learning for Image-Based Malware Detection for IoT

The tremendous growth in online activity and the Internet of Things (IoT) led to an increase in cyberattacks. Malware infiltrated at least one device in almost every household. Various malware detection methods that use shallow or deep IoT techniques were discovered in recent years. Deep learning mo...

Descripción completa

Detalles Bibliográficos
Autores principales: Panda, Pratyush, C U, Om Kumar, Marappan, Suguna, Ma, Suresh, S, Manimurugan, Veesani Nandi, Deeksha
Formato: Online Artículo Texto
Lenguaje:English
Publicado: MDPI 2023
Materias:
Article
Acceso en línea:https://www.ncbi.nlm.nih.gov/pmc/articles/PMC10051059/
https://www.ncbi.nlm.nih.gov/pubmed/36991965
http://dx.doi.org/10.3390/s23063253
_version_ 1785014782980521984
author Panda, Pratyush
C U, Om Kumar
Marappan, Suguna
Ma, Suresh
S, Manimurugan
Veesani Nandi, Deeksha
author_facet Panda, Pratyush
C U, Om Kumar
Marappan, Suguna
Ma, Suresh
S, Manimurugan
Veesani Nandi, Deeksha
author_sort Panda, Pratyush
collection PubMed
description The tremendous growth in online activity and the Internet of Things (IoT) led to an increase in cyberattacks. Malware infiltrated at least one device in almost every household. Various malware detection methods that use shallow or deep IoT techniques were discovered in recent years. Deep learning models with a visualization method are the most commonly and popularly used strategy in most works. This method has the benefit of automatically extracting features, requiring less technical expertise, and using fewer resources during data processing. Training deep learning models that generalize effectively without overfitting is not feasible or appropriate with large datasets and complex architectures. In this paper, a novel ensemble model, Stacked Ensemble—autoencoder, GRU, and MLP or SE-AGM, composed of three light-weight neural network models—autoencoder, GRU, and MLP—that is trained on the 25 essential and encoded extracted features of the benchmark MalImg dataset for classification was proposed. The GRU model was tested for its suitability in malware detection due to its lesser usage in this domain. The proposed model used a concise set of malware features for training and classifying the malware classes, which reduced the time and resource consumption in comparison to other existing models. The novelty lies in the stacked ensemble method where the output of one intermediate model works as input for the next model, thereby refining the features as compared to the general notion of an ensemble approach. Inspiration was drawn from earlier image-based malware detection works and transfer learning ideas. To extract features from the MalImg dataset, a CNN-based transfer learning model that was trained from scratch on domain data was used. Data augmentation was an important step in the image processing stage to investigate its effect on classifying grayscale malware images in the MalImg dataset. SE-AGM outperformed existing approaches on the benchmark MalImg dataset with an average accuracy of 99.43%, demonstrating that our method was on par with or even surpassed them.
format Online
Article
Text
id pubmed-10051059
institution National Center for Biotechnology Information
language English
publishDate 2023
publisher MDPI
record_format MEDLINE/PubMed
spelling pubmed-100510592023-03-30 Transfer Learning for Image-Based Malware Detection for IoT Panda, Pratyush C U, Om Kumar Marappan, Suguna Ma, Suresh S, Manimurugan Veesani Nandi, Deeksha Sensors (Basel) Article The tremendous growth in online activity and the Internet of Things (IoT) led to an increase in cyberattacks. Malware infiltrated at least one device in almost every household. Various malware detection methods that use shallow or deep IoT techniques were discovered in recent years. Deep learning models with a visualization method are the most commonly and popularly used strategy in most works. This method has the benefit of automatically extracting features, requiring less technical expertise, and using fewer resources during data processing. Training deep learning models that generalize effectively without overfitting is not feasible or appropriate with large datasets and complex architectures. In this paper, a novel ensemble model, Stacked Ensemble—autoencoder, GRU, and MLP or SE-AGM, composed of three light-weight neural network models—autoencoder, GRU, and MLP—that is trained on the 25 essential and encoded extracted features of the benchmark MalImg dataset for classification was proposed. The GRU model was tested for its suitability in malware detection due to its lesser usage in this domain. The proposed model used a concise set of malware features for training and classifying the malware classes, which reduced the time and resource consumption in comparison to other existing models. The novelty lies in the stacked ensemble method where the output of one intermediate model works as input for the next model, thereby refining the features as compared to the general notion of an ensemble approach. Inspiration was drawn from earlier image-based malware detection works and transfer learning ideas. To extract features from the MalImg dataset, a CNN-based transfer learning model that was trained from scratch on domain data was used. Data augmentation was an important step in the image processing stage to investigate its effect on classifying grayscale malware images in the MalImg dataset. SE-AGM outperformed existing approaches on the benchmark MalImg dataset with an average accuracy of 99.43%, demonstrating that our method was on par with or even surpassed them. MDPI 2023-03-20 /pmc/articles/PMC10051059/ /pubmed/36991965 http://dx.doi.org/10.3390/s23063253 Text en © 2023 by the authors. https://creativecommons.org/licenses/by/4.0/Licensee MDPI, Basel, Switzerland. This article is an open access article distributed under the terms and conditions of the Creative Commons Attribution (CC BY) license (https://creativecommons.org/licenses/by/4.0/).
spellingShingle Article
Panda, Pratyush
C U, Om Kumar
Marappan, Suguna
Ma, Suresh
S, Manimurugan
Veesani Nandi, Deeksha
Transfer Learning for Image-Based Malware Detection for IoT
title Transfer Learning for Image-Based Malware Detection for IoT
title_full Transfer Learning for Image-Based Malware Detection for IoT
title_fullStr Transfer Learning for Image-Based Malware Detection for IoT
title_full_unstemmed Transfer Learning for Image-Based Malware Detection for IoT
title_short Transfer Learning for Image-Based Malware Detection for IoT
title_sort transfer learning for image-based malware detection for iot
topic Article
url https://www.ncbi.nlm.nih.gov/pmc/articles/PMC10051059/
https://www.ncbi.nlm.nih.gov/pubmed/36991965
http://dx.doi.org/10.3390/s23063253
work_keys_str_mv AT pandapratyush transferlearningforimagebasedmalwaredetectionforiot
AT cuomkumar transferlearningforimagebasedmalwaredetectionforiot
AT marappansuguna transferlearningforimagebasedmalwaredetectionforiot
AT masuresh transferlearningforimagebasedmalwaredetectionforiot
AT smanimurugan transferlearningforimagebasedmalwaredetectionforiot
AT veesaninandideeksha transferlearningforimagebasedmalwaredetectionforiot

Ejemplares similares